Johan Cwiklinski

19 exploits Active since Mar 2019
CVE-2019-10232 CRITICAL WRITEUP
Teclib-edition Gestionnaire Libre de Parc Informatique - SQL Injection
Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
CVSS 9.8
CVE-2019-13240 MEDIUM WRITEUP
Glpi < 9.4.1 - Password Reset Weakness
An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except the associated email address.
CVSS 5.9
CVE-2020-11031 HIGH WRITEUP
GLPI <9.5.0 - Info Disclosure
In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the encrypted data relies on the password used; if a user sets a weak or predictable password, an attacker could decrypt the data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium.
CVSS 7.8
CVE-2020-11062 MEDIUM WRITEUP
GLPI <9.4.6 - XSS
In GLPI after 0.68.1 and before 9.4.6, multiple reflected XSS issues occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6.
CVSS 6.0
CVE-2020-15108 HIGH WRITEUP
glpi <9.5.1 - SQL Injection
In glpi before 9.5.1, there is a SQL injection in all usages of the "Clone" feature. This has been fixed in 9.5.1.
CVSS 7.1
CVE-2020-15176 HIGH WRITEUP
GLPI <9.5.2 - SQL Injection
In GLPI before version 9.5.2, when a backtick is supplied in input that gets put into a SQL query, the application does not escape or sanitize it, allowing SQL injection to occur. Leveraging this vulnerability, an attacker is able to exfiltrate sensitive information like passwords, reset tokens, personal details, and more. The issue is patched in version 9.5.2.
CVSS 8.7
CVE-2021-21258 MEDIUM WRITEUP
GLPI <9.5.4 - XSS
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed in version 9.5.4.
CVSS 6.8
CVE-2021-21319 MEDIUM WRITEUP
Galette < 0.9.5 - XSS
Galette is a membership management web application geared towards non-profit organizations. In versions prior to 0.9.5, malicious JavaScript code can be stored to be displayed later on the self-subscription page. The self-subscription feature can be disabled as a workaround (this is the default state). Malicious JavaScript code can also be executed (not stored) on the login and password-retrieval pages. This issue is patched in version 0.9.5.
CVSS 6.8
CVE-2021-41260 HIGH WRITEUP
Galette <0.9.6 - CSRF
Galette is a membership management web application built for non-profit organizations and released under GPLv3. Versions prior to 0.9.6 do not protect against cross-site request forgery (CSRF) attacks. All users are advised to upgrade to 0.9.6 as soon as possible. There are no known workarounds for this issue.
CVSS 8.2
CVE-2021-41261 HIGH WRITEUP
Galette <0.9.6 - XSS
Galette is a membership management web application built for non-profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to stored cross-site scripting attacks via the preferences footer. The preferences footer can only be altered by a site admin. This issue has been resolved in the 0.9.6 release and all users are advised to upgrade. There are no known workarounds.
CVSS 8.1
CVE-2021-41262 HIGH WRITEUP
Galette <0.9.6 - SQL Injection
Galette is a membership management web application built for non-profit organizations and released under GPLv3. Versions prior to 0.9.6 are subject to SQL injection attacks by users with the "member" privilege. Users are advised to upgrade to version 0.9.6 as soon as possible. There are no known workarounds.
CVSS 8.8
CVE-2022-24867 HIGH WRITEUP
Glpi < 10.0.0 - Information Disclosure
GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. When the configuration is passed to the JavaScript, some entries are filtered out. The variable ldap_pass is not filtered, so the password for the LDAP root DN is visible in the source code of the rendered page. Users are advised to upgrade. There is no known workaround for this issue.
CVSS 7.5
CVE-2023-46727 HIGH WRITEUP
GLPI <10.0.11 - SQL Injection
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, GLPI inventory endpoint can be used to drive a SQL injection attack. Version 10.0.11 contains a patch for the issue. As a workaround, disable native inventory.
CVSS 8.6
CVE-2024-24761 HIGH WRITEUP
Galette <1.0.2 - Info Disclosure
Galette is a membership management web application for non-profit organizations. Starting in version 1.0.0 and prior to version 1.0.2, public pages are by default restricted to administrators and staff members only. From the configuration, it is possible to open them to up-to-date members or to everyone. Version 1.0.2 fixes this issue.
CVSS 7.5
CVE-2024-27096 HIGH WRITEUP
GLPI <10.0.13 - SQL Injection
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in the search engine to extract data from the database. This issue has been patched in version 10.0.13.
CVSS 7.7
CVE-2024-27098 MEDIUM WRITEUP
GLPI <10.0.13 - SSRF
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute an SSRF-based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13.
CVSS 6.4
CVE-2024-31456 HIGH WRITEUP
Glpi < 10.0.15 - SQL Injection
GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability from map search. This vulnerability is fixed in 10.0.15.
CVSS 7.7
CVE-2025-27147 HIGH WRITEUP
GLPI Inventory Plugin <1.5.0 - Privilege Escalation
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMware ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access control vulnerability. Version 1.5.0 fixes the vulnerability.
CVSS 8.2
CVE-2025-27514 MEDIUM WRITEUP
GLPI <10.0.18 - Stored XSS
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.19.
CVSS 4.5